Lucene search

Veracode Vulnerability DatabaseVERACODE:39742

HistoryMar 12, 2023 - 10:43 p.m.

Denial Of Service (DoS)

2023-03-1222:43:39

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

wireshark

vulnerability

denial of service

dos

memory exhaustion

kafka protocol

attacker

application crashing

packet injection

crafted capture file

software

0.001 Low

EPSS

Percentile

48.2%

JSON

wireshark is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the memory exhaustion in the Kafka protocol dissector, which allows an attacker to crash the application via the packet injection or crafted capture file

CPENameOperatorVersion
wireshark:sideq3.4.3-1
wireshark:sideq3.2.8-0.1
wireshark:sideq3.4.3-1
wireshark:sideq3.2.8-0.1

Name	Operator	Version
wireshark:sid	eq	3.4.3-1
wireshark:sid	eq	3.2.8-0.1
wireshark:sid	eq	3.4.3-1
wireshark:sid	eq	3.2.8-0.1

References

gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4344.json

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDZMWIKH3L5JQZC6GSVOJ3N5UXNQPJGQ/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGWIW6K64PKC375YAONYXKIVT2FDEDV3/

lists.fedoraproject.org/archives/list/[email protected]/message/RDZMWIKH3L5JQZC6GSVOJ3N5UXNQPJGQ/

lists.fedoraproject.org/archives/list/[email protected]/message/SGWIW6K64PKC375YAONYXKIVT2FDEDV3/

security-tracker.debian.org/tracker/CVE-2022-4344

www.wireshark.org/security/wnpa-sec-2022-10.html

0.001 Low

EPSS

Percentile

48.2%

JSON

Related for VERACODE:39742